﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.SessionState;
using System.Data.Common;
using System.Web.Security;
using System.Data.OleDb;

namespace Forums.UserControls
{
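    /// <summary>
    /// Login panel user control: checks the submitted credentials against the
    /// Registration table and, on success, records the account id in the session
    /// and in a persistent cookie before raising <see cref="btnLoginClicked"/>.
    /// </summary>
    public partial class LoginInfo : System.Web.UI.UserControl
    {
        /// <summary>
        /// Raised after a successful login so the hosting page can react
        /// (the original comment says the home page subscribes to it).
        /// </summary>
        public event EventHandler btnLoginClicked;

        string connection;
        SqlConnection sqlConnection;
        SqlCommand sqlUserCheck;

        /// <summary>
        /// Builds the (still closed) database connection from the "CentForumsDB"
        /// connection string on every page load.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            connection = WebConfigurationManager.ConnectionStrings["CentForumsDB"].ConnectionString;
            sqlConnection = new SqlConnection(connection);
        }

        /// <summary>
        /// Forwards the login notification to whoever subscribed to
        /// <see cref="btnLoginClicked"/>.
        /// </summary>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            // Copy to a local and null-check: invoking an event with no
            // subscribers throws NullReferenceException.
            EventHandler handler = btnLoginClicked;
            if (handler != null)
            {
                handler(sender, e);
            }
        }

        /// <summary>Sends the visitor to the registration page.</summary>
        protected void btnRegister_Click(object sender, EventArgs e)
        {
            Response.Redirect("RegistrationPage.aspx");
        }

        /// <summary>
        /// Validates the user name and password typed into the control.
        /// On a match the account id is stored in Session["User"] and in a "User"
        /// cookie, and the login event is raised; otherwise the invalid-user label
        /// is shown.
        /// </summary>
        protected void userValidate(object sender, EventArgs e)
        {
            lblInvalidUser.Visible = false;

            string user = txtUser.Text;
            string password = txtPassword.Text;

            // Both values come straight from the request, so they are bound as
            // parameters. Concatenating them into the statement text would let the
            // submitted text change the query itself (SQL injection).
            // NOTE(review): pwdcompare implies the password column was written with
            // SQL Server's pwdencrypt; consider moving to an application-level
            // password hash (PBKDF2 or similar).
            const string sqlCommand = "SELECT user_accnt FROM Registration WHERE member_name = @user AND pwdcompare(@password, password) = 1";

            int user_id;
            try
            {
                sqlConnection.Open();
                sqlUserCheck = new SqlCommand(sqlCommand, sqlConnection);
                sqlUserCheck.Parameters.Add("@user", SqlDbType.NVarChar).Value = user;
                sqlUserCheck.Parameters.Add("@password", SqlDbType.NVarChar).Value = password;

                // ExecuteScalar returns null when no row matches; Convert.ToInt32(null) is 0.
                user_id = Convert.ToInt32(sqlUserCheck.ExecuteScalar());
            }
            finally
            {
                // Release the command and connection even if the query throws, and
                // before the login event runs (a subscriber may redirect and abort
                // the request).
                if (sqlUserCheck != null)
                {
                    sqlUserCheck.Dispose();
                }
                sqlConnection.Close();
            }

            if (user_id <= 0)
            {
                lblInvalidUser.Visible = true;
                return;
            }

            // Remember the account for the rest of the session.
            Session["User"] = user_id.ToString();

            // NOTE(review): the cookie carries the bare account id with no signature
            // or encryption, and HttpOnly/Secure are not set. If any page treats
            // this cookie as proof of identity, the client can change the value;
            // confirm how it is consumed and prefer a protected forms-authentication
            // ticket for persistence.
            HttpCookie cookie = new HttpCookie("User", user_id.ToString());

            // Default lifetime (used when the user never signs out) comes from the
            // "userInfoPersistDay" app setting, in days.
            int days = Int32.Parse(WebConfigurationManager.AppSettings["userInfoPersistDay"]);
            cookie.Expires = DateTime.Now.Add(new TimeSpan(days, 0, 0, 0));

            HttpContext.Current.Response.Cookies.Add(cookie);
            btnLogin_Click(sender, e);
        }
    }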
}
